Incident Response Training, Analysis of Phishing Incident, Day 12

In this full series we will talk about Incident Response, and it will be free training for everyone. Today is Day 12, and I will show you a real phishing incident that happened in a Security Operations Centre.

I will show you 2 phishing emails that came to my mailbox, and in the process of analyzing them I will explore each aspect of those emails. In one, someone tried to send me malware, enticing me with an offer of sponsorship to BlackPerl; the other is a credential-harvesting email that tried to trick me into giving up my AWS credentials. So, in this episode:
👉 I will show you how to effectively analyze an email header with an in-house FOSS tool
👉 How to analyze credential-harvesting content
👉 How to collect the IOCs (IP, email ID, domain, URL, etc.) with an easy process, without knowing anything about the email
👉 How to go behind the email URL to get more IOCs
👉 An easy process to analyze the supplied malware to find more IOCs
👉 How to contain the incident
👉 All the steps you need to take if you are an incident handler

So it's a fully detailed, in-depth analysis of a real SOC incident. Whether you want to become a SOC analyst, want to work on real cyber incidents, are an absolute beginner, or are an experienced professional, each one of you should find something to learn in this episode.

Tools I have used in this Episode-
👉 HUNt3r- Malware Analyzer Tool (Coming Soon!)

Timelines
-------------------------------------------------------------------------------------------------------------------------
0:00 ⏩ Pretty sketchy stuff!
0:46 ⏩ Introduction
2:13 ⏩ What are we dealing with
5:12 ⏩ Usecase1- Header Analysis
11:20 ⏩ Analyze the Malware
19:56 ⏩ Containment Steps
22:20 ⏩ Usecase2- Header Analysis
27:12 ⏩ Extract IOCs from Header
32:36 ⏩ Analyzing the URL
38:59 ⏩ Containment Steps
41:18 ⏩ Support Me and Summarize

📞📲
FOLLOW ME EVERYWHERE-
-------------------------------------------------------------------------------------------------------------------------
✔ Twitter: @blackperl_dfir

🙏 Thanks for watching!! Be CyberAware!! 🤞
Comments

Correct timing of this incident. Thanks for sharing the tool, will definitely try this.

zivakhan

It was very informative, sir. Thank you for spreading knowledge for free like this 🥰

ShantanuDeyAnik

I just started to do phishing emails analysis - great video and nice tools THANK YOU!!!!

OngoingIdeas

Addicted to your videos and eagerly waiting for weekends to watch

santoshkumar-bbfm

Good session. Thank you for sharing knowledge with us 🙏

raghu

excellent tutorial. email header analysis tool is really nice.

cararose

Thank you Mr. BlackPerl for this amazing video

puneetkhandelwal

You are simply the best. Good explanation and very easy to understand. Many thanks for such valuable information.

manny

Hey, This is a really interesting and informative session. keep going

ashfaqahamed

Awesome video as always 😊 Thanks for your time creating such nice content. You are just amazing.

sadiqa

Really like your content. I am also from an incident response and analysis background.

Sourav_Debnath

Do the videos keep starting from the middle of the incident?

BushRat

Hi, could you provide the video you talked about in this video about manually analysing the email header?

deanhaycox

Awesome Explanation. Do you have any suggestion for Filter creation on Email Gateway?

anishdash

Hi and thank you for the great explanation; how did you get the google drive file downloaded in your VM; do you have a video HOW TO?

Remadorever

Bro, will you please explain the parent-child relation? I really learned a lot in this digital forensics field from you, and I hope that I will learn more from you. Keep it up, bro.

MdHasan-pdmn

Hello Sir
Can you share the HUNt3r- Malware Analyzer Tool link

yalghaar

Sir, please tell us about hacked-website forensics. If someone's website has been hacked, how do we investigate?
Please, please, sir.

Saxena_abhiraj

how to download this HUNt3r- Malware Analyzer Tool (Coming Soon!)?

funnyclips